Last night I became aware of a SQL Injection vulnerability in BF Survey Pro. I have developed a fix and released a new version to address this issue.
I strongly advise that you upgrade to BF Survey Pro v1.2.6 as soon as possible to protect your site.
http://www.nessus.org/plugins/index.php?view=single&id=40988

What is a SQL Injection?
In short, an attacker can run SQL commands of their choosing against your Joomla site's database, for example to reset the administrator password.
What is the vulnerability?
In the function updateOnePage() in the file /components/com_bfsurvey_pro/controller.php, the following line of code can be exploited by hackers:
$table = JRequest::getVar( 'table', "", 'post', 'string' );
The fix is to replace this line of code with the following:
$catid = JRequest::getVar( 'catid', 0, '', 'int' );
global $mainframe;
$table=$mainframe->getCfg('dbprefix')."bfsurveypro_".$catid;
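To show why the fix works, here is an added example (mine, not code from BF Survey Pro) that models both patterns in Python: the old line takes the table name straight from the request, while the new line derives it from an integer and the server-side database prefix. The request dictionaries, the "jos_" prefix and the approximation of Joomla's 'int' filter are assumptions for illustration.

```python
import re
import sqlite3

# Constructed POST bodies standing in for Joomla's request data (not from the advisory).
NORMAL_POST = {"catid": "7"}
HOSTILE_POST = {"table": "other_table; --", "catid": "7 OR 1=1"}

IDENT_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def joomla_int(value):
    """Approximates Joomla's 'int' request filter (assumption): first integer found, else 0."""
    m = re.search(r"-?\d+", str(value))
    return int(m.group()) if m else 0


def vulnerable_table_name(post):
    """The pre-1.2.6 pattern: the table name is whatever the client sent in 'table'."""
    return str(post.get("table", ""))


def fixed_table_name(post, dbprefix="jos_"):
    """The 1.2.6 pattern: only an integer reaches the query, glued to a server-side prefix."""
    return f"{dbprefix}bfsurveypro_{joomla_int(post.get('catid', 0))}"


def is_safe_identifier(name):
    """Defensive check: a table name must look like a plain SQL identifier."""
    return bool(IDENT_RE.match(name))


def build_update(table):
    """Identifiers cannot be bound as parameters, so validate before interpolating."""
    if not is_safe_identifier(table):
        raise ValueError(f"refusing unsafe table name: {table!r}")
    return f"UPDATE {table} SET answered = 1 WHERE id = ?"


def rejected(table):
    """True when build_update refuses the name, False when it is accepted."""
    try:
        build_update(table)
    except ValueError:
        return True
    return False


def run_update(post, row_id=1):
    """End to end: derive the table the fixed way and update one row in an in-memory DB."""
    table = fixed_table_name(post)
    con = sqlite3.connect(":memory:")
    con.execute(f"CREATE TABLE {table} (id INTEGER PRIMARY KEY, answered INTEGER DEFAULT 0)")
    con.execute(f"INSERT INTO {table} (id) VALUES (?)", (row_id,))
    cur = con.execute(build_update(table), (row_id,))
    return table, cur.rowcount
```

Feeding HOSTILE_POST through fixed_table_name still yields jos_bfsurveypro_7, whereas the value the old code would have used fails the identifier check.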
Products Affected:
BF Survey Pro v1.2.5 or lower (fixed in version 1.2.6)
BF Survey Basic v1.0 (fixed in version 1.1)
BF Quiz v1.1.1 (fixed in version 1.2 or greater)
Please note: no update was sent for BF Quiz as the current version does not have this vulnerability.
I have emailed out updates to customers who have purchased these products. If you missed out, just send me an email with proof of purchase (date purchased, paypal email address used etc).
Free/trial versions have been updated. If you are currently using these products, I recommend that you upgrade to the current version.
To date I am not aware of any sites that have been affected by this vulnerability; however, I strongly advise you to update as soon as possible to protect yourself.
regards
Tim